To understand the way we, at Safebridge, approach personal data protection and processing and to whom we have a duty of care under applicable legislation for such personal data, it is best to consider our obligations in relation to the individual relationships created between Safebridge and the different types of users of our products and services.
The majority of the customer-base of Safebridge is made up of Shipping (and other) companies interested in our products for the competence management, development, assessment and certification of their employees or candidates for employment (“Companies”).
The use of our products and services requires Companies to disclose individuals’ personal data in our applications to be processed according to the purposes and requirements of each purchased product or service. Such data is stored in the secure Safebridge database located in Hamburg, Germany and processed automatically for the sole purpose of delivering the products or services purchased by Companies and in accordance with the Terms and Conditions, Privacy Policy, and Terms of Use of each product or service.
Responsibility owed towards individuals to ensure compliance with applicable personal data laws, directives and/or regulations lies with each Company when collecting and sharing such information with Safebridge; and Safebridge is responsible only to each Company for any such personal data disclosed.
Individual persons are either invited by Companies to create an account with Safebridge for use of any of our products or services or they purchase a Safebridge product or service themselves.
In both cases, when creating an account with Safebridge, Individuals are required to disclose personal data to be processed according to the purposes and requirements of use of each product or service. Although stored the same way, such personal data is considered separate and not linked to the data inserted, about the same individual, by Companies.
Responsibility owed to individuals for compliance with applicable laws, directives and/or regulations, for personal data directly disclosed by individuals themselves for processing, lies with Safebridge.
By third parties, in this context, we refer to external persons or organisations who may be granted access to the personal data of a specific individual for specific purposes. This, for example, can occur when a certificate is accessed by a third party for verification purposes. Such access is granted either by the Company or the Individual (Data Subject) itself and Safebridge is not responsible for such disclosure.
Sub-contractors are generally not given access to any of Safebridge’s databases. However, considering that there may be exceptional cases where it may be required that sub-contractors are given such access, Safebridge acts proactively, to a reasonable extent, to ensure that the same level of compliance with applicable Data Protection legislation as Safebridge is adopted by sub-contractors.